Report - dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector

Report Overview

Submitted URL
dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
IP
103.253.213.43
ASN
#58487 Rumahweb Indonesia CV.
Submitted
2023-02-06 09:19:06
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
48

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	796 B	2.4 kB	35.241.9.150
dhs.or.id	unknown	2019-06-11T16:59:06Z	2023-02-11T11:01:27Z	42 kB	19 MB	103.253.213.43
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	2.2 kB	99 kB	104.17.24.14
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	407 B	574 B	142.250.74.164
snapwidget.com	52354	2012-07-20T17:48:14Z	2023-03-13T08:17:20Z	359 B	809 B	172.67.75.33
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.1 kB	4.2 kB	142.250.74.131
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.40.68.141
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	58 kB	34.120.237.76
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	390 B	65 kB	172.217.21.170
www.instagram.com	1096	2012-07-24T16:07:05Z	2023-03-13T05:09:13Z	774 B	852 B	31.13.72.174
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-13T08:02:38Z	435 B	42 kB	34.120.5.221
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.4 kB	4.6 kB	93.184.220.29
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	799 B	10 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-06	medium	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	Phishing
2023-02-06	medium	dhs.or.id//public/js/jquery.bxslider.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/bootstrap.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/owl.carousel.min.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/koepoekoepoelike.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/jquery-3.2.1.min.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/jquery.smartmenus.min.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/jquery-2.2.4.min.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/active.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/slick.min.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/bootstrap-datetimepicker.min.js	Phishing
2023-02-06	medium	dhs.or.id/public/penidabay/js/scripts.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/plugins.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/jquery.marquee.min.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/jquery.instagramFeed.min.js	Phishing
2023-02-06	medium	dhs.or.id//public/js/jquery.contactus.min.js	Phishing
2023-02-06	medium	dhs.or.id/public/css/fonts/Poppins-Regular.ttf	Phishing
2023-02-06	medium	dhs.or.id//public/fonts/fontawesome-webfont.woff2?v=4.6.3	Phishing
2023-02-06	medium	dhs.or.id//public/fonts/glyphicons-halflings-regular.woff2	Phishing
2023-02-06	medium	dhs.or.id/public/css/fonts/Poppins-Bold.ttf	Phishing
2023-02-06	medium	dhs.or.id/uploads/berita/berita_212610021016_IKomangAdiWiranata,alumniDHSsuksesditerimadiWaldorfAstoria,Dubai.jpeg	Phishing
2023-02-06	medium	dhs.or.id/uploads/berita/berita_212310091049_lulusanotomotifjugabisamenjadihotelier:kisahinspiratifadisaputra.jpeg	Phishing
2023-02-06	medium	dhs.or.id/uploads/berita/berita_211510081044_JanaOky,suksesditerimadiMSCCruiseLinesebagaiAsstWaiter.jpeg	Phishing
2023-02-06	medium	dhs.or.id/uploads/program/program_210701110126_DHSSERVEHUMANITY.jpeg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	dhs.or.id//public/js/jquery.instagramFeed.min.js	3.5 kB	2023-03-07	2023-06-18
Pretty URL dhs.or.id//public/js/jquery.instagramFeed.min.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:03:00 Last Seen2023-06-18 18:42:16 Times Seen3 Hash 0ed71476442d31c2c4839348dd59708e 2e51a8b3033648d1a67628dff114d9d7002cb81b e799146bdaab8e7696795d90d978e0d78f99f93f928c878135500672573711e4 Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	75 B	2023-03-07	2023-06-20
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:08 Last Seen2023-06-20 20:27:36 Times Seen14 Hash bb6bf46cb06f19aaf3e34e6a5a0c77f6 b147cf218baadfa6a8e10b4359ef49a2f8001c77 d090e3cc24e8141133c9dc57c3ac51c249b3a94d31ad8617b101d2335eed2b09 Loading...

	dhs.or.id//public/js/active.js	6.1 kB	2023-03-07	2023-06-18
Pretty URL dhs.or.id//public/js/active.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-06-18 18:42:16 Times Seen6 Hash c5830f6996490c7ec7eacbd3c7902abc cdd629fbb384e6fd10396bc27addbf59bcaa80b5 494f79826eafe173760246984f9701d8f75a4b1f2b47a62dfd2a9136d66fed2c Loading...

	dhs.or.id//public/js/koepoekoepoelike.js	547 B	2023-03-07	2023-06-18
Pretty URL dhs.or.id//public/js/koepoekoepoelike.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-06-18 18:42:16 Times Seen5 Hash 761379a0d9cc5aae85ec022c63b14f0e b38187196b6022cf98024c0fda810d82af4ab257 3c3640ce061d55c0fc60934e992a8686517fa806a3bda1e9d454b8378eeac472 Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	371 B	2023-03-07	2023-06-20
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-06-20 20:27:36 Times Seen5 Hash 5000b632ab8e14c232a4a9eb7cfa06a5 29669223bcd2310c4da298fe7987e2d45bd33e86 cac4fb8edf7b74a853d372bc19f465afba32272ba2a3416b9e38608b1e8076ce Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	214 B	2023-03-07	2023-03-13
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:03:00 Last Seen2023-03-13 18:18:38 Times Seen1 Hash 8de528923cceb0b0e96119a7ae165a8f 6af34da6a172f3749c2b5b3c9638b1bd4a107c03 68e7ad1bd03b11290ace1063eb842f5fe759f2f1f52ab2813c47a245b3434cdc Loading...

	dhs.or.id//public/js/jquery.smartmenus.min.js	24 kB	2023-03-07	2024-03-12
Pretty URL dhs.or.id//public/js/jquery.smartmenus.min.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:08 Last Seen2024-03-12 15:28:02 Times Seen406 Hash f37878df1d94bbea0dfb7e85612888ec 19df702835ff55ce5a9b76b9974f8597cc528c6a 2fe668f50e1b19f758d3a06ac0c60b0e869c6b31fa1ab43190b6af3dd4f46b8e Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	216 B	2023-03-07	2023-06-20
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:03:00 Last Seen2023-06-20 20:27:36 Times Seen2 Hash 2c27d82dd066b81db27ceb9b1748df9b 05bf826bb53f6bc04a90e84d11ee5f5a13c489b4 c46f6c9870ac1bc44ddb5c1550bdb4a161d0231851cd8ff977a497a6530d7a24 Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	3.3 kB	2023-03-12	2023-03-13
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:18:22 Last Seen2023-03-13 18:18:38 Times Seen1 Hash 689b2a6f0d83ec94453fb4347f914388 165997225d8d7c5d7da204d36cfcefd36a0f428c 78ea4f0f5c7c87fa757e403fa4e7d2aee87219e75dbef10c0727514ea02832ec Loading...

	dhs.or.id//public/js/owl.carousel.min.js	43 kB	2023-03-07	2024-04-18
Pretty URL dhs.or.id//public/js/owl.carousel.min.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-18 12:33:54 Times Seen8095 Hash b7b9c97cd68ec336d01a79d5be48c58d 1a99890b57c9859a622337ed0b2f989d6e30cc0e b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43 Loading...

	dhs.or.id//public/js/jquery.bxslider.js	49 kB	2023-03-07	2024-01-15
Pretty URL dhs.or.id//public/js/jquery.bxslider.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2024-01-15 23:10:01 Times Seen88 Hash 3f6612a05317aaf468eda198256a2b09 7e244415354d5ce9f542056afcdb12267a97fbeb c88508e00768812f51e004349364887351c0139b44b126479e06c08bcd5af4fc Loading...

	dhs.or.id//public/js/bootstrap.js	70 kB	2023-03-07	2024-04-15
Pretty URL dhs.or.id//public/js/bootstrap.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2024-04-15 17:37:32 Times Seen1104 Hash fb81549ee2896513a1ed5714b1b1a0f0 3b965a36a6b08854ad6eddedf85c5319fd392b4a 0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8 Loading...

	dhs.or.id//public/js/jquery-2.2.4.min.js	86 kB	2023-03-07	2024-04-19
Pretty URL dhs.or.id//public/js/jquery-2.2.4.min.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 07:28:59 Times Seen379983 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	dhs.or.id/public/penidabay/js/scripts.js	17 kB	2023-03-07	2023-03-26
Pretty URL dhs.or.id/public/penidabay/js/scripts.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-03-26 11:40:04 Times Seen2 Hash 44b1814ad44b7548c9609149a1e495ee c384a962da86472a6581f36d15d2ce777ffa6d93 ba180750797e881f62ed83531b9541044d594b0db656c3b25b7a4c7db7ad121f Loading...

	dhs.or.id//public/js/plugins.js	192 kB	2023-03-07	2023-06-18
Pretty URL dhs.or.id//public/js/plugins.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2023-06-18 18:42:16 Times Seen6 Hash 7cdde9d424fc4139d8330ee6bcf9b43c fffbcd308443522dc129ed21ecbb4025de41cc0a f034f6993689e1d7aa07c3d217e6751a4298b4e38a5944619bc93eeae5b4c614 Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	2.1 kB	2023-03-07	2023-06-20
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-06-20 20:27:36 Times Seen4 Hash 2a8f56c72d7f76ef51c8279f0e7a1b1b 6ac6f44d7439872f93c19f05b04795bd210c4c24 8a2385d9cbb73f6f948fc57a0ba4f362f43765b5e7caaae8593f4b2d4c46235e Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	1.1 kB	2023-03-07	2023-03-13
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:03:00 Last Seen2023-03-13 18:18:38 Times Seen1 Hash 030b5adb3b4f74c82e0e79edebadbc7f 6c4f90344698817116ee63e7f791ec531366d597 305c84c0920335f8b72d029ad798504107fd4ed7e83626ca53e7fb159354df8a Loading...

	cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js	44 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-18 23:00:16 Times Seen19831 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	dhs.or.id//public/js/bootstrap-datetimepicker.min.js	39 kB	2023-03-07	2024-03-26
Pretty URL dhs.or.id//public/js/bootstrap-datetimepicker.min.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:47 Last Seen2024-03-26 10:04:15 Times Seen160 Hash 133134d91c22b5e48a7ccb45ab4eb6f4 673a42a35e39538b2b9eaf9caef96c99e3249584 2962efb284d7145f28de8f7328e8d4b180bf34f2a38189945dbaf1364f7417c9 Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	398 B	2023-03-07	2023-06-20
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-06-20 20:27:36 Times Seen4 Hash 793c07b40414a2a6747d5672b30ad5f3 467953404c4c33f15c2312c0db6676a8e31fc815 3b83d4b8ad107ff1ec3c89645ff12c14af528243fd36eb784e8bc9cf9c666936 Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	321 B	2023-03-07	2023-03-13
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:03:00 Last Seen2023-03-13 18:18:38 Times Seen1 Hash aa86e61b4db10f470f9caa79839166ba 77dccb873c32fac72aa2d34bd0cfe3f9b0f90986 a057b637ecbaf9e7d99738b9cf5d1e6f2c6fa9db36c3460d96030d2d34bbd91e Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 07:30:14 Times Seen36954253 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	dhs.or.id//public/js/jquery.contactus.min.js	14 kB	2023-03-07	2023-09-17
Pretty URL dhs.or.id//public/js/jquery.contactus.min.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:08 Last Seen2023-09-17 00:11:21 Times Seen26 Hash 0e98b6bfcaa5b8fef47d0cde840df6e6 bbb0cdbaaa0c385f5046b60a17f611406efa20ad 7e51e0463235219de4df3d4016c44e83c576a7d7b8bb72786dff1dd457dcdf56 Loading...

	dhs.or.id//public/js/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL dhs.or.id//public/js/jquery-3.2.1.min.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 07:29:19 Times Seen60761 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	dhs.or.id//public/js/slick.min.js	43 kB	2023-03-07	2024-04-19
Pretty URL dhs.or.id//public/js/slick.min.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-04-19 07:04:29 Times Seen34220 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	snapwidget.com/js/snapwidget.js	22 kB	2023-03-07	2024-04-14
Pretty URL snapwidget.com/js/snapwidget.js IP 172.67.75.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:26 Last Seen2024-04-14 20:04:48 Times Seen213 Hash cd118ff955860e80ea00d0c50226ab5b 03ad02355de0180ccf71bd9d01353cee7a16271e f6e667316e89b7f63fa57d6975985af56b8606258ffa79008c806a651449f8d7 Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	212 B	2023-03-07	2023-05-29
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:21 Last Seen2023-05-29 08:01:41 Times Seen2 Hash 3ad2b0e6f792e80e172e22956c1e49ec cd2797423162514c9cf906be2ed3c7119bd6bc82 197dd98f05ddf87527369a507e69bb8a68ce98c3d7e3f34db05ebc4163d48d65 Loading...

	dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf	439 B	2023-03-07	2023-06-20
Pretty URL dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-06-20 20:27:36 Times Seen5 Hash c981c08a729603816cdb54d1ebae3c66 28a83652c9353d333564e50a1d694d1aaf220e96 fc5d2b488ffb7680e755860a011d41eecc99bfb42bc3d131910a5774cc4a089e Loading...

	dhs.or.id//public/js/jquery.marquee.min.js	3.3 kB	2023-03-07	2023-06-20
Pretty URL dhs.or.id//public/js/jquery.marquee.min.js IP 103.253.213.43 ASN #58487 Rumahweb Indonesia CV. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:09 Last Seen2023-06-20 20:27:36 Times Seen9 Hash 47c658ce3d2b3c85a4351a8d84678337 85151957d65202d68042a53aff57e76c0d97ec42 329cd44da5aa7b2ce4e8f0d890a1ba9a0ef351b8a57ff72ce748db2d79a91d1b Loading...

HTTP Transactions (137)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8389
Expires: Mon, 06 Feb 2023 11:38:41 GMT
Date: Mon, 06 Feb 2023 09:18:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9651
Expires: Mon, 06 Feb 2023 11:59:43 GMT
Date: Mon, 06 Feb 2023 09:18:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: u/dSje3kfIxBBCnCLF5r05bJJ14/L1mw24GDO8wgI7CkrOX4TPJbkMB59KS12IHuaTM8wLg183xJcA7Y3CrVJw==
x-amz-request-id: QY61515JSERZWW95
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 08:53:38 GMT
age: 1514
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0bf32948ebe69cc5a92dce2b209a6bab
291d5e9e653dd98a1c4e7bdeb0dd6d55befe20ea
52a298b4036a7ae2fe6ea0630e9f9536a47b7e865a8a9d7b0c917f5111e885e8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A298B4036A7AE2FE6EA0630E9F9536A47B7E865A8A9D7B0C917F5111E885E8"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5619
Expires: Mon, 06 Feb 2023 10:52:31 GMT
Date: Mon, 06 Feb 2023 09:18:52 GMT
Connection: keep-alive

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

41 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
41 kB (41074 bytes)
Hash
2b57d90700e4510a504eeb3e068b3ade
5a038630841c294c20072713fee9b8d25e9ce316
05419254cc092ee8a22e0d6d21e0b1bdb876ee6cfb1f914d96a7050fcf7b0b9e

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: KuTxUxTXzyWUa9fK6oAzjGAgWRnI5yOfK4Ardj4EKoHVkkEMepTlJw==
content-encoding: gzip
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 09:16:16 GMT
content-type: application/json
content-length: 41074
age: 156
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 09:18:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11828
Expires: Mon, 06 Feb 2023 12:36:00 GMT
Date: Mon, 06 Feb 2023 09:18:52 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 08:34:03 GMT
content-type: application/json
age: 2689
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf

103.253.213.43

200 OK

20 kB

URL HTTP/1.1
dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5336), with CRLF, LF line terminators
Size
20 kB (19719 bytes)
Hash
9cca458fea2e0931a33ff18724790232
c48c9851c2507f83aaffacdb891d125b7722d313
8c2487dd3e99e02ba43de87cf282481460f8b339ca3cb51719224cc0ec237576

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac; expires=Mon, 06-Feb-2023 11:18:52 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 06 Feb 2023 09:18:52 GMT
server: LiteSpeed

dhs.or.id//public/css/owl.carousel.min.css

103.253.213.43

200 OK

905 B

URL HTTP/1.1
dhs.or.id//public/css/owl.carousel.min.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (2846)
Size
905 B (905 bytes)
Hash
5aebc2c708928de94caa731c721c2fe6
a8a3c831fd9d377495264c6e2bd1a6efc91ea6ab
6add1af88cce3158b8b46a1484352d9103b82e4525c9e94ba3f4d1870cc21733

HTTP Headers

GET //public/css/owl.carousel.min.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 905
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
c3fd3749702fc1d129a2fc5f7b326e3e
45a3e92ffc9c590c0b223423bc215eca968f55f3
65cc367c3bfe1de702a6020541aa8f2e184f5ac73e535dce6c406b9e81d249c0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5024
Cache-Control: max-age=147614
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Etag: "63e04ffb-118"
Expires: Wed, 08 Feb 2023 02:19:07 GMT
Last-Modified: Mon, 06 Feb 2023 00:55:23 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5939
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Last-Modified: Mon, 06 Feb 2023 07:39:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5939
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Last-Modified: Mon, 06 Feb 2023 07:39:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dhs.or.id//public/css/owl.theme.default.css

103.253.213.43

200 OK

522 B

URL HTTP/1.1
dhs.or.id//public/css/owl.theme.default.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
522 B (522 bytes)
Hash
c19ed5b4056ed646b291e8b071b19ed2
2d3a9b73e202ea1583f904ad71afc729b742d94c
5aed398f389315218694918c8ca9309bc007cb34b25872ba24817d1dee920cd6

HTTP Headers

GET //public/css/owl.theme.default.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 522
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css

104.17.24.14

200 OK

845 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3184)
Size
845 B (845 bytes)
Hash
156afaf08dd47df971d3a40926c19974
d3f886560b55ff3c39d628ef16a71ca49cb7ecfb
e4f93dd20cb7feb2c6d408b396e194928381545d24584431ab341ed094fb31fa

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: text/css; charset=utf-8
content-length: 845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-d17"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 906049
expires: Sat, 27 Jan 2024 09:18:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6gjQKc5iR98wpnYsp1gLC%2BuiisnwwujBdOmuXn3OGS1heL8rhMRZlWgkCProTdBDl8LB2Ny34qDnKQqnZeJ2OtgajTsdACnE8bd8SqkcIKIEUqgz3RFhgmDHyFSkL%2FHfhIGNgek"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd0f290b1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dhs.or.id//public/css/sm-core-css.css

103.253.213.43

200 OK

469 B

URL HTTP/1.1
dhs.or.id//public/css/sm-core-css.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
troff or preprocessor input, ASCII text
Size
469 B (469 bytes)
Hash
6b0bea9dfe92c8250daa76b83dc57200
71927e97c239923fd0f509e12cc170bc239320f9
c4cd45c4781f8059b4dcdc2a0d3a9252c6fef77992c70df31dabbbbea5186715

HTTP Headers

GET //public/css/sm-core-css.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 469
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 208225
expires: Sat, 27 Jan 2024 09:18:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbOO3mXubm%2BoGuZHO8x8mpyqohqRRMP9%2FBNQ5m2e16xlQl5cQrunWrWB%2FqXdolUgjABi9uTa0g3Mh%2Bc5wwq%2Fq3DIJv0y41onuxYxO%2FrjHI5ISa%2FWog%2BlfAOT3q4m6q8g3h4BDUrJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd0f29121c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 08:51:19 GMT
age: 1654
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css

104.17.24.14

200 OK

331 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (846)
Size
331 B (331 bytes)
Hash
c9eb6550c91c2a2f505af3b9acfbd9f5
9db062adb9e1f8b45ba84af5e55dd38587ddabc6
c64f83ee7947be6b299005510b64a85d5dd88998275f1ca498e27bad15ba35bc

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: text/css; charset=utf-8
content-length: 331
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-3f5"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 10678433
expires: Sat, 27 Jan 2024 09:18:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyEqdLFMHkl%2BNp3w4SMXRxive%2BEdu3lZR9KJBm3XwAIFw4yN66X0zOqga5DevDEH4EL4IK7ZG1vV1XZNC%2FcWXhkg0TJDzHfNFaTQhwYiGWzyo2Ot87%2FtwoqMOXBD86hqkHdYpO6m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd0f39361c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dhs.or.id//public/css/sm-simple.css

103.253.213.43

200 OK

1.4 kB

URL HTTP/1.1
dhs.or.id//public/css/sm-simple.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
1.4 kB (1386 bytes)
Hash
564edc2cf3bccd24e663ee7ed1c08461
8ff19296fe2689f1ecbb111ca37584b5891523ba
c6b6fc1722faa47edc8adf98505008d2a698a1d0d36831ae1d10741ac52d8804

HTTP Headers

GET //public/css/sm-simple.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1386
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js

172.217.21.170

200 OK

64 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32157)
Size
64 kB (64362 bytes)
Hash
7756e68f4eb51a103ca4470ef4bced27
acd37eeae2641edac458694a14c6e1a2985e87b6
1798a9b14876b546bb25c1dc964fa574c02538439b716433f1594aad03c3b2e1

HTTP Headers

GET /ajax/libs/jqueryui/1.11.2/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 64362
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 18:39:38 GMT
expires: Mon, 05 Feb 2024 18:39:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 52755
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dhs.or.id//public/css/custom.css

103.253.213.43

200 OK

9.7 kB

URL HTTP/1.1
dhs.or.id//public/css/custom.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
assembler source, Unicode text, UTF-8 text, with very long lines (308)
Size
9.7 kB (9692 bytes)
Hash
b2050953b55d796968d02fc82ec48d61
b3389d57c79d163285dc7dc08d5f011b85e19478
d05c46d45cced01b6c8fe15b69123eba1a047efbb0a4419bc36432ac466267c2

HTTP Headers

GET //public/css/custom.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9692
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5939
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Last-Modified: Mon, 06 Feb 2023 07:39:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

dhs.or.id//public/css/bootstrap.css

103.253.213.43

200 OK

21 kB

URL HTTP/1.1
dhs.or.id//public/css/bootstrap.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (540)
Size
21 kB (21309 bytes)
Hash
df20a856bb80ecb48184763109429a37
b3f4784a12ec416d5e7915c65b725ae992eca8b7
7b05f86f77e1654f04348e8352fa3de08326871c2f21358760c63534405c70c2

HTTP Headers

GET //public/css/bootstrap.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 21309
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

www.google.com/recaptcha/api.js?render=6Ldmw7EUAAAAABLEE7bQc-bzgVmdcf20q7sN2JMV

142.250.74.164

400 Bad Request

119 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6Ldmw7EUAAAAABLEE7bQc-bzgVmdcf20q7sN2JMV
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
119 B (119 bytes)
Hash
96612d2b1b529ecfcf09798c3eb100bf
4f32d5d3ccf4d44ae71309dfa8d6f9d396614a27
7c58bfa17d0c600b7455e6bfb3d8371fbf93da20a7a53ed1efad37d692f1cba0

HTTP Headers

GET /recaptcha/api.js?render=6Ldmw7EUAAAAABLEE7bQc-bzgVmdcf20q7sN2JMV HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 400 Bad Request
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Mon, 06 Feb 2023 09:18:53 GMT
expires: Mon, 06 Feb 2023 09:18:53 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

104.17.24.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (31997)
Size
10 kB (10158 bytes)
Hash
da09af9c30411ac4ea58fa932c2bcdf1
3021a222be0168efcad5db279a305485935aeff5
19e819601b91eb75c0609dd6343a344f280a94b83e06e58595bafff5b12ca7f4

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 10158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-ad36"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1518521
expires: Sat, 27 Jan 2024 09:18:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMsJo3oi%2FQhFLzC0Cr4ZdsDYeOu7AG0FC4NlPszSr%2Fk%2BfXe47M94Z7L71Bn6pwcxcHLAyQmMytuloAdvX2vA8PKkID0JW%2Fyauao7hPK%2BJOwAATX5Is%2BNCR5NKeuUiSMs2ujGts4M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd0fc9b61c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dhs.or.id//public/css/sm-blue.css

103.253.213.43

200 OK

1.8 kB

URL HTTP/1.1
dhs.or.id//public/css/sm-blue.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (1135)
Size
1.8 kB (1806 bytes)
Hash
54cb5e584280f59ce3535ab437c3c7e1
0b5a6a3f47e72a10bff12dadc35e2ea5c40da066
845d6d6b4cff53951068b9af002aecb29a12aaeba17e2f1126f8f7e55258daa6

HTTP Headers

GET //public/css/sm-blue.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1806
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dhs.or.id//public/css/animate.css

103.253.213.43

200 OK

4.2 kB

URL HTTP/1.1
dhs.or.id//public/css/animate.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (46487)
Size
4.2 kB (4200 bytes)
Hash
a2871788ed56f4a76fc04511d17429f3
61557e13199a62878415c0c3f13b6ac7da797e16
b516bcc4b307625284dd3770c32a92feaa7c05b41d28cbbd4fa17e6d16b3797b

HTTP Headers

GET //public/css/animate.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4200
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8844
Expires: Mon, 06 Feb 2023 11:46:17 GMT
Date: Mon, 06 Feb 2023 09:18:53 GMT
Connection: keep-alive

dhs.or.id//public/css/magnific-popup.css

103.253.213.43

200 OK

1.6 kB

URL HTTP/1.1
dhs.or.id//public/css/magnific-popup.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (5599), with no line terminators
Size
1.6 kB (1623 bytes)
Hash
3d5fae8a960727a9f8c5761c7ead7ca1
b85ead6da7890084b6384fc8b78582467f7507cd
6d191feaf312c8e18eb449ce353e1bca8be94e410479d687da6bc75b4f32f4bc

HTTP Headers

GET //public/css/magnific-popup.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1623
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/css/themify-icons.css

103.253.213.43

200 OK

3.0 kB

URL HTTP/1.1
dhs.or.id//public/css/themify-icons.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
3.0 kB (2953 bytes)
Hash
1fdd69c4e227fc2ac6c656e7ddf9e424
9c1cf78681a7657da469b7fdb0bc3a4c550f553d
678dda3fc2508e952449056da97c05890f312f6172032be151821161d7949855

HTTP Headers

GET //public/css/themify-icons.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2953
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/css/slick.css

103.253.213.43

200 OK

566 B

URL HTTP/1.1
dhs.or.id//public/css/slick.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
566 B (566 bytes)
Hash
d979503c94235e3d7c63804334eae591
927ae013d52d4b540539d6923201f42ccf78a77b
12bc72121ec549a084158825b575260a3feb5e67d795bce84d18874deec2f6df

HTTP Headers

GET //public/css/slick.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 566
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/css/jquery.bxslider.css

103.253.213.43

200 OK

1.1 kB

URL HTTP/1.1
dhs.or.id//public/css/jquery.bxslider.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
1.1 kB (1126 bytes)
Hash
eac850ba6b5fe367f4401f680f6ba3f7
24954ad8354d09829764ba76924f7c58845b2844
bd62645fd4c083c146cdf6ea21c835be2872c2ce7863f696f9049e765fadffdc

HTTP Headers

GET //public/css/jquery.bxslider.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1126
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/css/slick-theme.css

103.253.213.43

200 OK

864 B

URL HTTP/1.1
dhs.or.id//public/css/slick-theme.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
Unicode text, UTF-8 text
Size
864 B (864 bytes)
Hash
abdb521dcb99d105f1b8a57ce22f3f59
03c35040b8e4185e9768ad004c2f8e71daebbb57
22640aabed9e87ede610f077342b0b19476d11ee591f7fc88110468ed7608113

HTTP Headers

GET //public/css/slick-theme.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 864
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/css/bootstrap-datetimepicker.min.css

103.253.213.43

200 OK

1.6 kB

URL HTTP/1.1
dhs.or.id//public/css/bootstrap-datetimepicker.min.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (11083)
Size
1.6 kB (1616 bytes)
Hash
6f8ebb51449d11dbd64bf82ce3e89285
6bc956ebab4def6cf96450950b8e795ef60034fe
c2764dfe2565cc07e6e88805b0c363231e87bbe1aca36275e5a4f24fb029b627

HTTP Headers

GET //public/css/bootstrap-datetimepicker.min.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1616
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id/public/css/index.css

103.253.213.43

200 OK

2.6 kB

URL HTTP/1.1
dhs.or.id/public/css/index.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
2.6 kB (2611 bytes)
Hash
a5d72d1b66b86c01b4faad51d3df44db
27e876234aa489d8eb8e1b9ad776369049bbee61
fc41b8fa4e6c44a103ad541d0fe7e2272be694e18d32276b5aeaed27e41f28a7

HTTP Headers

GET /public/css/index.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: text/css
last-modified: Thu, 09 Jan 2020 07:20:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2611
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/js/jquery.bxslider.js

103.253.213.43

200 OK

12 kB

URL HTTP/1.1
dhs.or.id//public/js/jquery.bxslider.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
12 kB (11677 bytes)
Hash
6e7bc98fb1615dd0f9813a45ce751b99
cf25b928c6d3aabac7450d81ea7a0757e71c462a
94def53b27c9e42692bd6dfe5c37b9bc4f735b535d819d8b729a7d9353436adf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery.bxslider.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11677
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

push.services.mozilla.com/

52.40.68.141

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.40.68.141:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I2tu8jXLn5usHyUBEufi1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Fw7BLskU28Ip3VKNGmSCSIMw4lg=

dhs.or.id//public/js/bootstrap.js

103.253.213.43

200 OK

14 kB

URL HTTP/1.1
dhs.or.id//public/js/bootstrap.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
14 kB (14437 bytes)
Hash
ab228ec95779ac631bc13b4c62fc1927
6a269be920ba864437f0931fa217d536359a89c2
ea44e2f14b631d903d45906e2dfb5889df91ff8fdcde7934ed2fd65ce394b626

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/bootstrap.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14437
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/js/owl.carousel.min.js

103.253.213.43

200 OK

11 kB

URL HTTP/1.1
dhs.or.id//public/js/owl.carousel.min.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (32000)
Size
11 kB (10951 bytes)
Hash
a887cebbad63de094ca671c2c39532c8
ebf38f6f34d0c03368cc5120cebc469edc964340
471b9524213fd20d992306836cd6d74c2c8e318d78e1fb18ee6186c9322ad008

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/owl.carousel.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10951
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/js/koepoekoepoelike.js

103.253.213.43

200 OK

285 B

URL HTTP/1.1
dhs.or.id//public/js/koepoekoepoelike.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
285 B (285 bytes)
Hash
c0c3cd6358a5cdf8376bb82a90bcb882
5378da0f516890f99c8df006bdde4d13317baa04
68b617754bd6ed45474b51c58c294d07d3785cf160da2ebe78cd8c5e5e524f89

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/koepoekoepoelike.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 285
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/js/jquery-3.2.1.min.js

103.253.213.43

200 OK

30 kB

URL HTTP/1.1
dhs.or.id//public/js/jquery-3.2.1.min.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (32058)
Size
30 kB (30229 bytes)
Hash
2b9c3a55026fa687fa8add847adc9703
f2d759f36127a585a1353362fc0888eb5ccc38f8
5a2a26016574209924c64a06714a35f93eb82a215bb635a98706e3421e5e305d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery-3.2.1.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30229
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/js/jquery.smartmenus.min.js

103.253.213.43

200 OK

7.1 kB

URL HTTP/1.1
dhs.or.id//public/js/jquery.smartmenus.min.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (24459)
Size
7.1 kB (7063 bytes)
Hash
85d13c2f45095edc5516c464b9512c95
a62a2954296badd17816bdf460c3a9d0486c6a29
1289b1b819e3aea3518545a7243b2ac5c367b7926296256d372ef94acc4a9d54

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery.smartmenus.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7063
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/js/jquery-2.2.4.min.js

103.253.213.43

200 OK

30 kB

URL HTTP/1.1
dhs.or.id//public/js/jquery-2.2.4.min.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (32065)
Size
30 kB (29909 bytes)
Hash
f50985fa1fdbe40e0a8efc8f7e6c4d10
ceeb06184bd23b9b4f134ae101736b30ac66fdef
eab597a347a3be859dbaa88785f858d55b432bc95b5c8fc50de61d7a87a04826

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery-2.2.4.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 29909
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/js/active.js

103.253.213.43

200 OK

1.5 kB

URL HTTP/1.1
dhs.or.id//public/js/active.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1494 bytes)
Hash
fd8d44613c1ec832530acfcb4d3bdb2e
629e005d5d077093fdf1b29c7b264c960486e4ae
8e373dbeffe46945856ebf91fedc7b3446d06b8080ea85850dddf62e9d7dbf13

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/active.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1494
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/js/slick.min.js

103.253.213.43

200 OK

10 kB

URL HTTP/1.1
dhs.or.id//public/js/slick.min.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (42862)
Size
10 kB (10414 bytes)
Hash
38871a60d3cf10ca0766761b1a65f819
a5bc60c160fc49c707e43ec8bd79bf6bbc0c6bff
ab1372cd813bb4a31c90e3df45d18c170fc2f571fb40be43201d7bc99f982b37

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/slick.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10414
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/js/bootstrap-datetimepicker.min.js

103.253.213.43

200 OK

9.9 kB

URL HTTP/1.1
dhs.or.id//public/js/bootstrap-datetimepicker.min.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (39213), with no line terminators
Size
9.9 kB (9881 bytes)
Hash
4d030356c61bc342c303b401f23afaf2
ef80de13c210b73ae33e84c72ee02cd687e56e72
5ced3bc1f7fa912f0b7a980154af33eb24e4093696eca588c81d2ba369eedc96

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/bootstrap-datetimepicker.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9881
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id/public/penidabay/css/responsive.css

103.253.213.43

200 OK

3.4 kB

URL HTTP/1.1
dhs.or.id/public/penidabay/css/responsive.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (373), with CRLF line terminators
Size
3.4 kB (3407 bytes)
Hash
d6b19bcc56099c5a30e98cacdc717bec
82e8ea7a3eaba0bbf8fe759d0d321b5eb5a494a8
b7979310ff50655605682b1cac2f2fceb3fb1f3c745ec8d52564806091492a8c

HTTP Headers

GET /public/penidabay/css/responsive.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Thu, 07 Sep 2017 09:51:48 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3407
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id/public/penidabay/js/scripts.js

103.253.213.43

200 OK

4.6 kB

URL HTTP/1.1
dhs.or.id/public/penidabay/js/scripts.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with CRLF line terminators
Size
4.6 kB (4649 bytes)
Hash
b32e0f399e85a3f013394aa06aab3129
4226d2eb5f716390883d622df8cc78c542f158de
46c4f916715253d85e52f3eba7fa87a7acc21d8d0ce1dfdca1ac9465074051dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/penidabay/js/scripts.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Sun, 07 May 2017 15:24:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4649
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/js/plugins.js

103.253.213.43

200 OK

54 kB

URL HTTP/1.1
dhs.or.id//public/js/plugins.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (32068), with CRLF line terminators
Size
54 kB (54337 bytes)
Hash
ac77da9af533ae98c13daff51057e035
f9f81b96551a15d19073b77627b8c6d201d8200c
d559b9b962e326bda1aebd87314951483261020736b9358d9a430208c201c71d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/plugins.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 54337
date: Mon, 06 Feb 2023 09:18:53 GMT
server: LiteSpeed

dhs.or.id//public/css/jquery.marquee.min.css

103.253.213.43

200 OK

278 B

URL HTTP/1.1
dhs.or.id//public/css/jquery.marquee.min.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text
Size
278 B (278 bytes)
Hash
db39762b8cd1de4903978c703006bdc2
f248f9ba9dca8cd4676b3488038f29c926227f9c
dc6be64f7f152f92d06512f48e403d8033355dc8acb5bc3f18a8ad488d76c768

HTTP Headers

GET //public/css/jquery.marquee.min.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 278
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/js/jquery.marquee.min.js

103.253.213.43

200 OK

1.5 kB

URL HTTP/1.1
dhs.or.id//public/js/jquery.marquee.min.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (2541), with CRLF line terminators
Size
1.5 kB (1531 bytes)
Hash
fc904b1c00c8015559e571543e575567
9b9079a50babef44c2a4fc0153fef59525b665f9
649b9c1c6185ff7fb5dab39f12e01130951678360407bf6ba39236be216ee919

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery.marquee.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 04:16:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1531
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/css/color.css

103.253.213.43

200 OK

889 B

URL HTTP/1.1
dhs.or.id//public/css/color.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (3475), with no line terminators
Size
889 B (889 bytes)
Hash
0e6cd7b8c8d74d68753ad7be054872c2
5706a3813f6854d52284b92a0b3d0e916922cd97
5950d61d83a300dcc8a2d7cb37778731772c7b0e51942a98230f4ce6570e4584

HTTP Headers

GET //public/css/color.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Sat, 31 Aug 2019 03:50:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 889
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/css/materialize.css

103.253.213.43

200 OK

1.7 kB

URL HTTP/1.1
dhs.or.id//public/css/materialize.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (6894), with no line terminators
Size
1.7 kB (1697 bytes)
Hash
a5c1bdd164b0553add33479904130a41
b36a504dece8bfaf1b2991dc3e2c3571c1e7cdc1
0f8dcafc573491103bfcbeb5fbf16a6cffff25f7d8fd842242f43cd34e6dba97

HTTP Headers

GET //public/css/materialize.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1697
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/css/font-awesome.css

103.253.213.43

200 OK

7.0 kB

URL HTTP/1.1
dhs.or.id//public/css/font-awesome.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
7.0 kB (6978 bytes)
Hash
e78cfdd9c09ed86425d12952baa61e4e
077e83187d29e21e2de52f47417a779f5d3e29cb
7ee2e585165b1d8650fe5de41f06bb17c80247f60cebb99cebaf290e73cdbb48

HTTP Headers

GET //public/css/font-awesome.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6978
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/css/bootstrap-social.css

103.253.213.43

200 OK

3.4 kB

URL HTTP/1.1
dhs.or.id//public/css/bootstrap-social.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (556)
Size
3.4 kB (3366 bytes)
Hash
96bbbcfbe5cc307ca96f6759983b7610
ad1523be389a13acfe00cd607fa5e36dbe27f7b9
2401e6d236a24eb0c386675d8cb23460b8e54dd723963c183da6cb2b16f9f52a

HTTP Headers

GET //public/css/bootstrap-social.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3366
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/js/jquery.instagramFeed.min.js

103.253.213.43

200 OK

1.5 kB

URL HTTP/1.1
dhs.or.id//public/js/jquery.instagramFeed.min.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
HTML document, ASCII text, with very long lines (3268), with CRLF line terminators
Size
1.5 kB (1461 bytes)
Hash
c2d0d758df4c0cfd9f0a390eba7f95d4
2db836b90cf7c84f124030c113f933d1e3eb9140
e864b68be7b98d508df10f74362eadb32f5f1a99d8add1f26f445e6141850949

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery.instagramFeed.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Wed, 27 Jan 2021 03:17:23 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1461
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/css/jquery.contactus.min.css

103.253.213.43

200 OK

2.9 kB

URL HTTP/1.1
dhs.or.id//public/css/jquery.contactus.min.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (18438), with CRLF line terminators
Size
2.9 kB (2944 bytes)
Hash
3eb96eb3238672149814fc6955b569fd
03e0f0c62df436b4f2c8ac78a1170d8bbc7fd233
87792adfbef6c32644fc979c402e623a10c6ec8ec63ffc342aa35345455040aa

HTTP Headers

GET //public/css/jquery.contactus.min.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: text/css
last-modified: Mon, 09 Sep 2019 09:02:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2944
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/js/jquery.contactus.min.js

103.253.213.43

200 OK

3.8 kB

URL HTTP/1.1
dhs.or.id//public/js/jquery.contactus.min.js
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
ASCII text, with very long lines (13933), with no line terminators
Size
3.8 kB (3768 bytes)
Hash
bf8c9d234171370f8e1eff4df60bbdeb
a909437a7e7c5519b84782243a1bd550d65fc5ef
ddc9d14338b2f43f0e60aa4a643651621c3b84ebda27d910d2354eba522fc098

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/js/jquery.contactus.min.js HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: application/javascript
last-modified: Mon, 09 Sep 2019 09:03:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3768
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/css/iconmoon.css

103.253.213.43

200 OK

20 kB

URL HTTP/1.1
dhs.or.id//public/css/iconmoon.css
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5336), with CRLF, LF line terminators
Size
20 kB (19719 bytes)
Hash
9cca458fea2e0931a33ff18724790232
c48c9851c2507f83aaffacdb891d125b7722d313
8c2487dd3e99e02ba43de87cf282481460f8b339ca3cb51719224cc0ec237576

HTTP Headers

GET //public/css/iconmoon.css HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id//public/css/custom.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3415
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:18:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12459 bytes)
Hash
b2e321721a636309ac45c6722f71a5d5
8f4224824571577109bf32b1fa7646dbfb88e818
a52611068a9694594dec4dddb1bd29afdbba897a2e1f61dcf3ceb81e262912e8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12459
x-amzn-requestid: 5dd251ba-30e6-47aa-846a-9cefa9aa4928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPHlWIAMFnZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-402585d71ebd0ebf75af210d;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dMwyfVFayhAjpMMOiE96N2N5TwdvJ52UvscJ6miuz4W3qNKXVS9jaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:11 GMT
age: 41324
etag: "8f4224824571577109bf32b1fa7646dbfb88e818"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700

142.250.74.74

200 OK

9.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
9.2 kB (9151 bytes)
Hash
6b6fb6fea55585537944cbb463a2b687
ccd80fd860904297e363da0216ff2a0365dd5694
e4777704032c13eb325c3c3792a761376ad4bcdd381feb01cb02666cf260b7e9

HTTP Headers

GET /css?family=PT+Sans+Narrow:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 09:18:53 GMT
date: Mon, 06 Feb 2023 09:18:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8971 bytes)
Hash
ea463f7a06fe1403c18c8ce8781244a1
fbbe4b97e4b39983b36340030f6b40adc69cd485
93a12a85886512e3336d027c889a2276087976b1c9106356cc81596b88087042

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b1baa973-5b7c-4daa-af2e-e9f0b3c6a604
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzViwFG1IAMF4qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de02de-4a0c9cf45c1a20083bb838dc;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:01:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sAiUWR0kcs2yN_7IIHwlSl1eNIRMEaSJ8QD_Uti1CU6IFIGh0kSmSw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 08:03:07 GMT
age: 4548
etag: "fbbe4b97e4b39983b36340030f6b40adc69cd485"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12256 bytes)
Hash
062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q5tAmSUsPHlKjkJSksZpvVrOAsduYKg0uuTlc03yvuhtO1BUKlHyuA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 07:54:29 GMT
age: 5066
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9808 bytes)
Hash
ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 41332
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9504 bytes)
Hash
d97807096c24402f2938faa7bef0bb1f
5dcc91fcfb218579f9bb8d74949c62b42a0ee0f5
61d5e5e14348dcd17a2d65ed50bf4870cfa0869b2027bd9e02e5656b71ae7b07

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9504
x-amzn-requestid: 5ed1526b-636a-4aac-9900-3438fe44bc68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4o9ZF4fIAMFuhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e021ef-6925f9fa343504e94459aa70;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:38:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U81u29w8Kam-xsluWwUqh-4J1bS-8viBRP4f6ERFJcGUpsDLcB-feg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:09 GMT
age: 41266
etag: "5dcc91fcfb218579f9bb8d74949c62b42a0ee0f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.24.14

200 OK

77 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://dhs.or.id
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:55 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 983065
expires: Sat, 27 Jan 2024 09:18:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EDgLPGhsYppK%2FXS8ROo7fYgkb0AwrYsTUxQJ43AVVZbtz1%2BWDpMOsJfcoWs%2BQXq%2BQgJLWQEam3yqSId%2FSpaUpqzxHTxaHfQ0XpM04ZqaiIhjR1V17z5MnUuJlvdYhSL5hpdn6ZG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7952cd1a0dec1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dhs.or.id/uploads/program/program_202708010814_FBSBartender.jpg

103.253.213.43

200 OK

632 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010814_FBSBartender.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:06:06], baseline, precision 8, 1000x667, components 3\012- data
Size
632 kB (631753 bytes)
Hash
176bdd6f3c056b39e5553a9d466cf3a6
d9b967fa8f69d66368bfe68c18b86c3742693524
6d77e83c6aa75a31880a9667798ec14c2c0dcc8ee9993cdde4b3508b60eafe90

HTTP Headers

GET /uploads/program/program_202708010814_FBSBartender.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:12:14 GMT
accept-ranges: bytes
content-length: 631753
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010832_CulinaryArt.jpg

103.253.213.43

200 OK

539 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010832_CulinaryArt.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:07:20], baseline, precision 8, 1000x667, components 3\012- data
Size
539 kB (539375 bytes)
Hash
9daf55b9cbbc51d5112759ebb6083aea
32994d491731f9feb4a076daa603cc8065028eb0
5c292726296a9bdc5f0af008009ff7fb4b108ac0b26a500c2a811b96c3be85d1

HTTP Headers

GET /uploads/program/program_202708010832_CulinaryArt.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:12:32 GMT
accept-ranges: bytes
content-length: 539375
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010845_Perhotelan.jpg

103.253.213.43

200 OK

474 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010845_Perhotelan.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:10:35], baseline, precision 8, 1000x667, components 3\012- data
Size
474 kB (474499 bytes)
Hash
f94d149c3560f17e349ee742f54186ad
199b9e8c2615273cc2d867775377f9039ec2e5ef
52c1f9c02efee47d20bc3078025f1d13e44613d61ac70dbf988a3183a59559ba

HTTP Headers

GET /uploads/program/program_202708010845_Perhotelan.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:12:45 GMT
accept-ranges: bytes
content-length: 474499
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id/public/css/fonts/Poppins-Regular.ttf

103.253.213.43

200 OK

122 kB

URL HTTP/1.1
dhs.or.id/public/css/fonts/Poppins-Regular.ttf
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright (c) 2014 Indian Type Foundry (info@indiantypefoundry.com)PoppinsRegular2.000;ITFO;Popp\012- data
Size
122 kB (121682 bytes)
Hash
9d55f938715168401f6ffb36899d95aa
ad0b3ce05af6a3f80b8a14c175052080e5a7f6fa
7ad2e29a1f992def35bb5ea135933e128795cc0a52cbe1458efd940ae16014ac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/css/fonts/Poppins-Regular.ttf HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/public/css/index.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: font/ttf
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 121682
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010816_CruiseLineFBS.jpg

103.253.213.43

200 OK

556 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010816_CruiseLineFBS.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:21:40], baseline, precision 8, 1000x667, components 3\012- data
Size
556 kB (555536 bytes)
Hash
b048b857a6d9d9e894ff501c79e04bf2
2345bae820804b1b1ae067fc2d87f4391b6f7151
03729bcc981af62c1f3c0cefcd5bd9ab3c3662257a969225ea1bb4b58586c380

HTTP Headers

GET /uploads/program/program_202708010816_CruiseLineFBS.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:34:16 GMT
accept-ranges: bytes
content-length: 555536
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010828_CruiseLineCook.jpg

103.253.213.43

200 OK

538 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010828_CruiseLineCook.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:20:43], baseline, precision 8, 1000x667, components 3\012- data
Size
538 kB (537966 bytes)
Hash
3f56f5989bf01175eb746d779bde8e2c
94e21be769a44b2c2181719fc6485d3ee2b55933
7f56357694cbb6023a1db50dcdcd5322773c936454a68143432a2dcc9f5efaa9

HTTP Headers

GET /uploads/program/program_202708010828_CruiseLineCook.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:34:28 GMT
accept-ranges: bytes
content-length: 537966
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010853_FBSBartender.jpg

103.253.213.43

200 OK

584 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010853_FBSBartender.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:22:14], baseline, precision 8, 1000x667, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 16, minimum point enabled, calibration: offset 0.000000, slope 301700842854318597556215362879488.000000\012- data
Size
584 kB (583625 bytes)
Hash
32bd31e3902b41894de2dca3a511683a
e14adf031395849f4470bc73db84454ecc46ae06
0e9bad8d6c90830d70d12dcaf8e1aaa56b343efff60db7790053498f3f8282e5

HTTP Headers

GET /uploads/program/program_202708010853_FBSBartender.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:54 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:34:53 GMT
accept-ranges: bytes
content-length: 583625
date: Mon, 06 Feb 2023 09:18:54 GMT
server: LiteSpeed

dhs.or.id//public/fonts/fontawesome-webfont.woff2?v=4.6.3

103.253.213.43

200 OK

72 kB

URL HTTP/1.1
dhs.or.id//public/fonts/fontawesome-webfont.woff2?v=4.6.3
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://dhs.or.id//public/css/font-awesome.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: font/woff2
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-length: 71896
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id//public/fonts/glyphicons-halflings-regular.woff2

103.253.213.43

200 OK

18 kB

URL HTTP/1.1
dhs.or.id//public/fonts/glyphicons-halflings-regular.woff2
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET //public/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://dhs.or.id//public/css/bootstrap.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: font/woff2
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-length: 18028
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/public/css/fonts/Poppins-Bold.ttf

103.253.213.43

200 OK

122 kB

URL HTTP/1.1
dhs.or.id/public/css/fonts/Poppins-Bold.ttf
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright (c) 2014 Indian Type Foundry (info@indiantypefoundry.com)PoppinsBold2.000;ITFO;Poppins\012- data
Size
122 kB (121905 bytes)
Hash
88182954337c602d8af0bfbec47c2145
d4947aefb19e6283953b876e6e65cada549b3c28
7b1cdf61f54770339bc72fcb14c94f67a538d8c74924d727494e208d6f3beb66

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /public/css/fonts/Poppins-Bold.ttf HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/public/css/index.css
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: font/ttf
last-modified: Tue, 20 Aug 2019 04:16:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 121905
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/uploads/bg_welcome.jpg

103.253.213.43

200 OK

161 kB

URL HTTP/1.1
dhs.or.id/uploads/bg_welcome.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x527, components 3\012- data
Size
161 kB (161323 bytes)
Hash
c2b3559b8c5ad5ced8fee6328a6ec299
6573151349900ad3e60f9a5bd9b18c769364e7e8
b48ec8e174cf794d0e93d333f978041a4f639c534d7826a37c222f075771ea32

HTTP Headers

GET /uploads/bg_welcome.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2019 03:28:48 GMT
accept-ranges: bytes
content-length: 161323
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/uploads/berita/berita_220410111018_LuncurkanProgramRPLberbasisDistanceLearningProgram,DHSberharapmampumenjadiakselelatorkompetensipendidikanpekerjapariwisatadiIndonesia.jpg

103.253.213.43

200 OK

51 kB

URL HTTP/1.1
dhs.or.id/uploads/berita/berita_220410111018_LuncurkanProgramRPLberbasisDistanceLearningProgram,DHSberharapmampumenjadiakselelatorkompetensipendidikanpekerjapariwisatadiIndonesia.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x495, components 3\012- data
Size
51 kB (51060 bytes)
Hash
9ff26da2ab71b26084a44aa622dd2886
6c7b4e4722031ed2a63d135ffac36b804e7d8e42
e1bcdfff712e07367eddd2702720539c09556f66f0df0487e62ab2eb0b625142

HTTP Headers

GET /uploads/berita/berita_220410111018_LuncurkanProgramRPLberbasisDistanceLearningProgram,DHSberharapmampumenjadiakselelatorkompetensipendidikanpekerjapariwisatadiIndonesia.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 03:59:18 GMT
accept-ranges: bytes
content-length: 51060
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/uploads/berita/berita_212610021016_IKomangAdiWiranata,alumniDHSsuksesditerimadiWaldorfAstoria,Dubai.jpeg

103.253.213.43

200 OK

104 kB

URL HTTP/1.1
dhs.or.id/uploads/berita/berita_212610021016_IKomangAdiWiranata,alumniDHSsuksesditerimadiWaldorfAstoria,Dubai.jpeg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1000, components 3\012- data
Size
104 kB (104180 bytes)
Hash
ab9d1f6b155d9a2232cee8f3155359ec
e32c4e9938024e5c783168615ed321142924ba50
0c09053253f655f8a9497810eb90b2768c038baf70ff7db276f854b0222abbe9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/berita/berita_212610021016_IKomangAdiWiranata,alumniDHSsuksesditerimadiWaldorfAstoria,Dubai.jpeg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Tue, 26 Oct 2021 06:27:16 GMT
accept-ranges: bytes
content-length: 104180
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/uploads/berita/berita_212310091049_lulusanotomotifjugabisamenjadihotelier:kisahinspiratifadisaputra.jpeg

103.253.213.43

200 OK

101 kB

URL HTTP/1.1
dhs.or.id/uploads/berita/berita_212310091049_lulusanotomotifjugabisamenjadihotelier:kisahinspiratifadisaputra.jpeg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1334, components 3\012- data
Size
101 kB (101448 bytes)
Hash
45329a3a07ac35961863d2ad9aeafa84
26e699fbd20afea78ede0a13e361f23c6f25cb32
bfe3b3edc815cebc8dd384c3e21494ee7e51bddce450b5271d091f38262cf8a5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/berita/berita_212310091049_lulusanotomotifjugabisamenjadihotelier:kisahinspiratifadisaputra.jpeg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Sat, 23 Oct 2021 13:07:50 GMT
accept-ranges: bytes
content-length: 101448
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/uploads/berita/berita_211510081044_JanaOky,suksesditerimadiMSCCruiseLinesebagaiAsstWaiter.jpeg

103.253.213.43

200 OK

130 kB

URL HTTP/1.1
dhs.or.id/uploads/berita/berita_211510081044_JanaOky,suksesditerimadiMSCCruiseLinesebagaiAsstWaiter.jpeg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1334, components 3\012- data
Size
130 kB (130333 bytes)
Hash
ddc85b12f92e2b7b5c63d0cccc3130d6
68f5894aa01b4590bdd1d182dd387cd7e4107083
a6ec9d0f35176d52f2d1820273687d4d78ea6d299d2aa49cea286a16423fe830

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/berita/berita_211510081044_JanaOky,suksesditerimadiMSCCruiseLinesebagaiAsstWaiter.jpeg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Fri, 15 Oct 2021 00:44:44 GMT
accept-ranges: bytes
content-length: 130333
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708110812_AustraliaStudyVisit.jpg

103.253.213.43

200 OK

489 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708110812_AustraliaStudyVisit.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 11:35:37], baseline, precision 8, 1000x667, components 3\012- data
Size
489 kB (489365 bytes)
Hash
4c4d3ff856444cf0ca0a5eb6b1b5366c
2611023b01b56711d4461e84b4207ed8cc0335cb
a17c199b26da8d3c415434b98857f92933fff450d1540a7df6cc1f50d2300b8e

HTTP Headers

GET /uploads/program/program_202708110812_AustraliaStudyVisit.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 03:37:12 GMT
accept-ranges: bytes
content-length: 489365
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708120839_AusbildungJerman.jpg

103.253.213.43

200 OK

486 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708120839_AusbildungJerman.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:54:08], baseline, precision 8, 1000x667, components 3\012- data
Size
486 kB (486346 bytes)
Hash
165d176936372323e8c82021e6d2bf8c
feb3394a2f70f4fbdaf60701da2e46f7c36ec6fe
bc5370e31f21989450755b22be4a2623d6e9e1280d3fa12aad86b502c5ff39fe

HTTP Headers

GET /uploads/program/program_202708120839_AusbildungJerman.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:55:39 GMT
accept-ranges: bytes
content-length: 486346
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708120842_SingapuraStudyVisit.jpg

103.253.213.43

200 OK

478 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708120842_SingapuraStudyVisit.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:09:26], baseline, precision 8, 1000x667, components 3\012- data
Size
478 kB (477516 bytes)
Hash
9da77ee921ea91483f1027ced9202599
020bf059e0173bd84afd4601b834b697847b61c4
50adf46eb42755549b89bb7d0808caecc81a8ce05a6c5d3d59d62c5e2dafdc91

HTTP Headers

GET /uploads/program/program_202708120842_SingapuraStudyVisit.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:54:42 GMT
accept-ranges: bytes
content-length: 477516
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/uploads/berita/berita_212611051140_DHSluncurkanBRATACLASSuntukMilenialsGenZGenUntukBersaingdiEraGlobalisasi.png

103.253.213.43

200 OK

1.8 MB

URL HTTP/1.1
dhs.or.id/uploads/berita/berita_212611051140_DHSluncurkanBRATACLASSuntukMilenialsGenZGenUntukBersaingdiEraGlobalisasi.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 MB (1757391 bytes)
Hash
f6ca5d7fe8ed8394c0c585abe700a061
ea1ad3d03da13fdc8d837fbb0f56d6a580d9e3cf
e2a830f86d32d26400c1b9ad522bd13d3021d2fbaa15a710774737c7f5b8e814

HTTP Headers

GET /uploads/berita/berita_212611051140_DHSluncurkanBRATACLASSuntukMilenialsGenZGenUntukBersaingdiEraGlobalisasi.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:55 GMT
content-type: image/png
last-modified: Fri, 26 Nov 2021 09:04:41 GMT
accept-ranges: bytes
content-length: 1757391
date: Mon, 06 Feb 2023 09:18:55 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708120804_AustraliaShortCourse.jpg

103.253.213.43

200 OK

639 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708120804_AustraliaShortCourse.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:28:24 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset -0.000000, slope 46.000000], baseline, precision 8, 1000x667, components 3\012- data
Size
639 kB (638992 bytes)
Hash
960969ae517caaaf10fbea3667fbfe77
fe7766f68e401e1bc572e30ef5385d681df11e05
736c8720cc30c477aabc1ddbc20de8dff07e32f924dd0d2b4227418330f37076

HTTP Headers

GET /uploads/program/program_202708120804_AustraliaShortCourse.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:55:04 GMT
accept-ranges: bytes
content-length: 638992
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708120820_THSAustralia.jpg

103.253.213.43

200 OK

458 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708120820_THSAustralia.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:07:23], baseline, precision 8, 1000x667, components 3\012- data
Size
458 kB (457904 bytes)
Hash
8666d073d3988b3c013a58f65232d237
09a6903f9d65d78f4aac228e166ffcb8e090ec56
8d3eb6dd88c2a60acc216e86d37beb4063e44e60218e53d6b38babbb1391277f

HTTP Headers

GET /uploads/program/program_202708120820_THSAustralia.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:55:20 GMT
accept-ranges: bytes
content-length: 457904
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010823_Perhotelan.jpg

103.253.213.43

200 OK

528 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010823_Perhotelan.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:23:54], baseline, precision 8, 1000x667, components 3\012- data
Size
528 kB (527764 bytes)
Hash
8d83dff10d05cabe7eb986dd37f468e4
99ef4e8d19fea081d255331fa513f446cbc8a0b9
0fd20b513cf35ceba4b9ae2615b61a229ae57e72d44b0e8e00e6d59db4b05491

HTTP Headers

GET /uploads/program/program_202708010823_Perhotelan.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:35:23 GMT
accept-ranges: bytes
content-length: 527764
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010808_Bartender.jpg

103.253.213.43

200 OK

648 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010808_Bartender.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:26:44], baseline, precision 8, 1000x667, components 3\012- data
Size
648 kB (648267 bytes)
Hash
31eb7f31585683d11825e7309d3a26d9
cbfb4f913eead734a5badacfa46c77712441862f
6105c9a8211d21fdd1ecaf7368fad8c5c00c63a28eea1488fed3f28cbe6e739c

HTTP Headers

GET /uploads/program/program_202708010808_Bartender.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:32:08 GMT
accept-ranges: bytes
content-length: 648267
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010811_CulinaryArt.jpg

103.253.213.43

200 OK

627 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010811_CulinaryArt.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:23:08], baseline, precision 8, 1000x667, components 3\012- data
Size
627 kB (626830 bytes)
Hash
50e2d8f3903013bad9cb1973533edd41
3945083452bc6aec93098634ce31f9097f93b3ac
6735028e568fc21a7383a9be8fb698d010f8e63cd5bb1b200787dc2a8a820a4b

HTTP Headers

GET /uploads/program/program_202708010811_CulinaryArt.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:35:11 GMT
accept-ranges: bytes
content-length: 626830
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010823_Housekeeping.jpg

103.253.213.43

200 OK

545 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010823_Housekeeping.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:27:22 DIY-Thermocam raw data\012- (Lepton 2.x), scale 885-29292, spot sensor temperature 3715504275456.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 1186825144474799235106078720.000000], baseline, precision 8, 1000x667, components 3\012- data
Size
545 kB (545218 bytes)
Hash
e777c6df17df88c6e65ba3847021fbc7
46c3c3de9d1c400389b7fcbaea8a06d215df3c0c
748673e785bcc156031ec9bda69554aa1f02a4448caaaf859945acd28d4766ab

HTTP Headers

GET /uploads/program/program_202708010823_Housekeeping.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:32:23 GMT
accept-ranges: bytes
content-length: 545218
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010807_FrontOffice.jpg

103.253.213.43

200 OK

472 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010807_FrontOffice.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:31:15], baseline, precision 8, 1000x667, components 3\012- data
Size
472 kB (472183 bytes)
Hash
f0b205442b6c4c046d716668f8d6b961
95ea323cd0f9e18b2b1a90ba3daedb78aeb4b1eb
4315438c794928bbc4af5cebe446d6f90e02b65bb82601c83252d826881bf35a

HTTP Headers

GET /uploads/program/program_202708010807_FrontOffice.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:33:07 GMT
accept-ranges: bytes
content-length: 472183
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010837_FBService.jpg

103.253.213.43

200 OK

548 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010837_FBService.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:28:18], baseline, precision 8, 1000x667, components 3\012- data
Size
548 kB (547782 bytes)
Hash
82902036899edc59feeea5b9b1d84b63
c5d2df54b843ebd2c73fc9e404da46f5d93a71b9
e15daf326634fa7d2ab91e18929d91ed2fa0b12702685990b70f1417a08d9a7b

HTTP Headers

GET /uploads/program/program_202708010837_FBService.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:32:37 GMT
accept-ranges: bytes
content-length: 547782
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708010850_CulinaryArt.jpg

103.253.213.43

200 OK

520 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708010850_CulinaryArt.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 13:25:21], baseline, precision 8, 1000x667, components 3\012- data
Size
520 kB (519698 bytes)
Hash
941b027165e5dfcc7976a1d448c0e345
51e7ecd1a8332d044687ff180d30bde2a202e404
8f8bc622e9760eaf9ffa0ce70ac4bfdccb70dde686b91f546d9ec759fcace86c

HTTP Headers

GET /uploads/program/program_202708010850_CulinaryArt.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 05:32:50 GMT
accept-ranges: bytes
content-length: 519698
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_210701110126_DHSSERVEHUMANITY.jpeg

103.253.213.43

200 OK

173 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_210701110126_DHSSERVEHUMANITY.jpeg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1000, components 3\012- data
Size
173 kB (173401 bytes)
Hash
cd9e7c598045d5e7d832b099e65988fd
af250be046a0b4b81b135e95a27a57585e13eac6
4a69c6c774198bca2b2ce7f173143b45713adbdfc0be0e6f5e6daa186b92809f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uploads/program/program_210701110126_DHSSERVEHUMANITY.jpeg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 07 Jan 2021 03:45:26 GMT
accept-ranges: bytes
content-length: 173401
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/logo_192509100957_.png

103.253.213.43

200 OK

21 kB

URL HTTP/1.1
dhs.or.id/uploads/logo_192509100957_.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 221 x 186, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20818 bytes)
Hash
f7879aa7406038be98a17634403562ae
2f2167f91757bccd0144a85fb1ed75bbd34bb1ee
113400779caf68a239c8dd2ca9d2e13e54ba3e35caf84f6610dde24f2fcc014b

HTTP Headers

GET /uploads/logo_192509100957_.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2019 02:09:57 GMT
accept-ranges: bytes
content-length: 20818
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/indonesian.png

103.253.213.43

200 OK

774 B

URL HTTP/1.1
dhs.or.id/uploads/indonesian.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
774 B (774 bytes)
Hash
42cf93dd015a8b26d01131cfec41e5ef
2809d8cec72607868f82785d6a3f72d975fcc8aa
e209f73b639cf332ee95345ef0725673ea1a2dbea1165530a1754fb2cf9881b3

HTTP Headers

GET /uploads/indonesian.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Mon, 07 Oct 2019 09:02:00 GMT
accept-ranges: bytes
content-length: 774
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/slider/slider_201401010157_SelamatdatangdiDHS.jpg

103.253.213.43

200 OK

532 kB

URL HTTP/1.1
dhs.or.id/uploads/slider/slider_201401010157_SelamatdatangdiDHS.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=640, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x640, components 3\012- data
Size
532 kB (532261 bytes)
Hash
d1498b1ad7bc045aa7a18cbcf9a1247c
3be750bf45a0a8545da921cdcb4fac8da6d38263
3ab867c54b1e2492d2e47568f1c85f19131e7b9602af77fe451acab90debcd89

HTTP Headers

GET /uploads/slider/slider_201401010157_SelamatdatangdiDHS.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Tue, 14 Jan 2020 05:45:57 GMT
accept-ranges: bytes
content-length: 532261
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/dhs_klungkung.png

103.253.213.43

200 OK

143 kB

URL HTTP/1.1
dhs.or.id/uploads/dhs_klungkung.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 1312 x 474, 8-bit/color RGBA, non-interlaced\012- data
Size
143 kB (143196 bytes)
Hash
180cb4501aaf422ba7e1769128cb6304
164949b563b74c13f0ff8f6d66f0ee0392ad71e4
11abb34f1d1f40c2c9a2c0f411a1198f3b0c75023eb7c2c4e6d8843dc9cd39a1

HTTP Headers

GET /uploads/dhs_klungkung.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Wed, 22 Jan 2020 07:14:52 GMT
accept-ranges: bytes
content-length: 143196
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/header_190310041035_.png

103.253.213.43

200 OK

12 kB

URL HTTP/1.1
dhs.or.id/uploads/header_190310041035_.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 214 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12116 bytes)
Hash
3ec37168d74d72b49e303aa17d977111
8d4986e3c3ef670e96c015d2ac1a5905c1c18e8d
ab83d943106fbe50f4ead0699656763375d610854a0ea74558056edb0d34e94c

HTTP Headers

GET /uploads/header_190310041035_.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2019 08:49:35 GMT
accept-ranges: bytes
content-length: 12116
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_202708120854_TAFEAustralia.jpg

103.253.213.43

200 OK

443 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_202708120854_TAFEAustralia.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:08:27 12:50:43], baseline, precision 8, 1000x667, components 3\012- data
Size
443 kB (442969 bytes)
Hash
534e5006753e176874241b1890bb8861
fa42ad5a6e9106e8bef471141c5d86ce736834a7
e7a635fa66ca2a345953c6e2e3a3780329a7eab2e2a5f156e82459d886de4ad3

HTTP Headers

GET /uploads/program/program_202708120854_TAFEAustralia.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/jpeg
last-modified: Thu, 27 Aug 2020 04:55:54 GMT
accept-ranges: bytes
content-length: 442969
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/carrer/icon_190210121020_ProgramPelatihanKerja.png

103.253.213.43

200 OK

2.0 kB

URL HTTP/1.1
dhs.or.id/uploads/carrer/icon_190210121020_ProgramPelatihanKerja.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2031 bytes)
Hash
475ab2538aa4be05a6f0367fd38d2c06
2a5f59cc18e5a6a69b85550cee8f18b150f63e82
f69e1c4dcfe176e89272e14353942be1695f078a58c18b256581b8d11384822f

HTTP Headers

GET /uploads/carrer/icon_190210121020_ProgramPelatihanKerja.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2019 04:08:20 GMT
accept-ranges: bytes
content-length: 2031
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/carrer/icon_190210121054_HubunganIndustri.png

103.253.213.43

200 OK

1.6 kB

URL HTTP/1.1
dhs.or.id/uploads/carrer/icon_190210121054_HubunganIndustri.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1648 bytes)
Hash
81cf350430da17286712ef379f8e65a8
8e2491245a08d3f1e7a761ff93cee65451340ce4
74bc8f161b164bc45a4f3341136b1782aa6caebf07e62e4578df7eea75a18090

HTTP Headers

GET /uploads/carrer/icon_190210121054_HubunganIndustri.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:56 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2019 04:12:54 GMT
accept-ranges: bytes
content-length: 1648
date: Mon, 06 Feb 2023 09:18:56 GMT
server: LiteSpeed

dhs.or.id/uploads/carrer/icon_190210121005_KonsultanKarirPendidikan.png

103.253.213.43

200 OK

1.3 kB

URL HTTP/1.1
dhs.or.id/uploads/carrer/icon_190210121005_KonsultanKarirPendidikan.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1310 bytes)
Hash
c8b885d9cbeaeaf0de16649bc811124b
18940985557611bc0da55911d1f55beb020ccedb
c68c2a94317725c6a42ca3aebe5f08adfd7e4fa0888503c6d3e57a7bbdb98a5d

HTTP Headers

GET /uploads/carrer/icon_190210121005_KonsultanKarirPendidikan.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2019 04:13:05 GMT
accept-ranges: bytes
content-length: 1310
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/carrer/icon_190210121014_ForumBisnisPerhotelanKapalPersian.png

103.253.213.43

200 OK

2.3 kB

URL HTTP/1.1
dhs.or.id/uploads/carrer/icon_190210121014_ForumBisnisPerhotelanKapalPersian.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2340 bytes)
Hash
9ca97ac3a63e5611798ad0285f591b19
ab0f74bd14758f79c81c9a76105b7f3f48e815d1
9796e8654dffec494c633f8996f3d3793a3614a569270db4eefc428cf928a986

HTTP Headers

GET /uploads/carrer/icon_190210121014_ForumBisnisPerhotelanKapalPersian.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2019 04:13:14 GMT
accept-ranges: bytes
content-length: 2340
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/bg_career.jpg

103.253.213.43

200 OK

162 kB

URL HTTP/1.1
dhs.or.id/uploads/bg_career.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x631, components 3\012- data
Size
162 kB (161716 bytes)
Hash
270b75a9797625ad8372fff704f47f16
abd4e9f19d4fe23a67c8165797b10c8ba1724ad0
344a1f72006835be9034cef3feef7cbac62c4cdc4583c4aaf5460260ed179e65

HTTP Headers

GET /uploads/bg_career.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Thu, 03 Oct 2019 04:09:13 GMT
accept-ranges: bytes
content-length: 161716
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/program/program_210912011223_LAUNCHINGBRATACLASS.png

103.253.213.43

200 OK

822 kB

URL HTTP/1.1
dhs.or.id/uploads/program/program_210912011223_LAUNCHINGBRATACLASS.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 1000 x 993, 8-bit/color RGBA, non-interlaced\012- data
Size
822 kB (822222 bytes)
Hash
3f81c49cf155b092c1243a125993a238
2886ee272d1108ce44c0c80272fd934362a83932
5951160f793bd4fae51db70888a0e24a981521ed6dd170d1fa39168cda411703

HTTP Headers

GET /uploads/program/program_210912011223_LAUNCHINGBRATACLASS.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Thu, 09 Dec 2021 05:01:24 GMT
accept-ranges: bytes
content-length: 822222
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/testimoni/testimoni_191510021056_SatrioRizkyNurahmaji.jpg

103.253.213.43

200 OK

68 kB

URL HTTP/1.1
dhs.or.id/uploads/testimoni/testimoni_191510021056_SatrioRizkyNurahmaji.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x667, components 3\012- data
Size
68 kB (68037 bytes)
Hash
884460721551969af717895b01f54342
81eab2d568edbf73a718729b1a68000cd709e9ef
ca155c5775d1d80975ef7e3179d62898bfae4edc320016980c3fb94805d43cfd

HTTP Headers

GET /uploads/testimoni/testimoni_191510021056_SatrioRizkyNurahmaji.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 15 Oct 2019 06:53:56 GMT
accept-ranges: bytes
content-length: 68037
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/testimoni/testimoni_191410041014_PandeMadeAndikaSuprayana.jpg

103.253.213.43

200 OK

26 kB

URL HTTP/1.1
dhs.or.id/uploads/testimoni/testimoni_191410041014_PandeMadeAndikaSuprayana.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Size
26 kB (25744 bytes)
Hash
b6f233074056c0689265d7ef61e36959
401dbd9a36f14a3c50dbc2a245e15a1c386517e4
99f1cd5080cb9b91ad7582b8447d1eda2de64e9c4b397071be49fd642bb91cf1

HTTP Headers

GET /uploads/testimoni/testimoni_191410041014_PandeMadeAndikaSuprayana.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 15 Oct 2019 04:16:17 GMT
accept-ranges: bytes
content-length: 25744
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/testimoni/testimoni_191410041008_NiMadeMeidyAniPrastiwi.jpg

103.253.213.43

200 OK

55 kB

URL HTTP/1.1
dhs.or.id/uploads/testimoni/testimoni_191410041008_NiMadeMeidyAniPrastiwi.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1000, components 3\012- data
Size
55 kB (54620 bytes)
Hash
31bf8e0f339f66dd1e4a6cbc3ecc7888
fb70521a9d5d43d36189d3b0708e8a5bc1c51dfd
d80c403660020854763cff456826d89208a3f26e8d8a00aa77443d1a7720afac

HTTP Headers

GET /uploads/testimoni/testimoni_191410041008_NiMadeMeidyAniPrastiwi.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Mon, 14 Oct 2019 08:30:08 GMT
accept-ranges: bytes
content-length: 54620
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/English.png

103.253.213.43

200 OK

707 B

URL HTTP/1.1
dhs.or.id/uploads/English.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
707 B (707 bytes)
Hash
e4896565595fc22e344fd619c0ed15bb
43d4481a4cc3e60b406b2467b5f7e576fcbae260
c3a4cb8f32ef0cd89e6429d40d1faebd359e02e34d69764052c8402a391e9a00

HTTP Headers

GET /uploads/English.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Mon, 07 Oct 2019 09:02:00 GMT
accept-ranges: bytes
content-length: 707
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/slider/slider_201401010116_StartYourCareer.jpg

103.253.213.43

200 OK

914 kB

URL HTTP/1.1
dhs.or.id/uploads/slider/slider_201401010116_StartYourCareer.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=640, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x640, components 3\012- data
Size
914 kB (913922 bytes)
Hash
26c7cfcd0d029113d835152ee348e3c0
2291448965a8848626a7cfc3209cd5a0239cf360
6a857fb2611d6fd7375a12c1281a2cd7b5f135b2f2a937352faf383ed2af0bcb

HTTP Headers

GET /uploads/slider/slider_201401010116_StartYourCareer.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 14 Jan 2020 05:37:16 GMT
accept-ranges: bytes
content-length: 913922
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/slider/slider_190310041006_StartYourCareer.jpg

103.253.213.43

200 OK

392 kB

URL HTTP/1.1
dhs.or.id/uploads/slider/slider_190310041006_StartYourCareer.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x640, components 3\012- data
Size
392 kB (391606 bytes)
Hash
e3aebb63fe00e0eaaa0d0d04b0550f44
3a1c561dd7d81b1ef9dc1fc4ba795aedc8867349
a261cbd11b2ed3d7d7d98e553041447152984d7a103aa368004a2b1b2ec37ef4

HTTP Headers

GET /uploads/slider/slider_190310041006_StartYourCareer.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Thu, 03 Oct 2019 08:17:06 GMT
accept-ranges: bytes
content-length: 391606
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/slider/slider_192509110933_GapaiKarirCemerlangdiIndustriHospitality.jpg

103.253.213.43

200 OK

526 kB

URL HTTP/1.1
dhs.or.id/uploads/slider/slider_192509110933_GapaiKarirCemerlangdiIndustriHospitality.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x640, components 3\012- data
Size
526 kB (526526 bytes)
Hash
a51a5dcb12a33d66103ed6d7003fdd5e
67287353979d2b68a91883bcc407193357594f45
1ad0bfdbf2e6dd14aa911c178ec3528c4ebe0910d40e313ab6cf9c22daa901bd

HTTP Headers

GET /uploads/slider/slider_192509110933_GapaiKarirCemerlangdiIndustriHospitality.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2019 03:21:33 GMT
accept-ranges: bytes
content-length: 526526
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/slider/slider_201401010152_StartYourCareer.jpg

103.253.213.43

200 OK

964 kB

URL HTTP/1.1
dhs.or.id/uploads/slider/slider_201401010152_StartYourCareer.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=640, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x640, components 3\012- data
Size
964 kB (964233 bytes)
Hash
23faaa850dbd0b2af99f6238303a5778
18f663d2b6dda7c7824b56f8b487fe0126b8154a
8bf756895e94a27d27750ba78e5ad21c37cd7e41cad8d3da92776f85669e67ec

HTTP Headers

GET /uploads/slider/slider_201401010152_StartYourCareer.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 14 Jan 2020 05:28:52 GMT
accept-ranges: bytes
content-length: 964233
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/slider/slider_192509100958_SelamatDatangdiDHS.jpg

103.253.213.43

200 OK

704 kB

URL HTTP/1.1
dhs.or.id/uploads/slider/slider_192509100958_SelamatDatangdiDHS.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x640, components 3\012- data
Size
704 kB (703783 bytes)
Hash
2578146e5c7de8635c891efcf69941e8
080658d47a129439a72aaa2e2a39cfb6a8ea7ad2
ff63e6420cd2a72bc3251bda9f01280aeaee63c85cd63da7a54915e2d161dfb3

HTTP Headers

GET /uploads/slider/slider_192509100958_SelamatDatangdiDHS.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2019 02:13:58 GMT
accept-ranges: bytes
content-length: 703783
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id//public/images/icon.png

103.253.213.43

200 OK

10 kB

URL HTTP/1.1
dhs.or.id//public/images/icon.png
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10094 bytes)
Hash
3ce91d10102c5792a48b5f21680f9b16
506d21e041a9ea398ef8d6da7f13600de8eabd79
cd03c38326e09214eb7477126f8be4b86bc941e4fb5e1307afcab523dc6a0623

HTTP Headers

GET //public/images/icon.png HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2019 07:39:56 GMT
accept-ranges: bytes
content-length: 10094
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

dhs.or.id/uploads/slider/slider_201401010127_StartYourCareer.jpg

103.253.213.43

200 OK

695 kB

URL HTTP/1.1
dhs.or.id/uploads/slider/slider_201401010127_StartYourCareer.jpg
IP
103.253.213.43:0
ASN
#58487 Rumahweb Indonesia CV.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=640, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x640, components 3\012- data
Size
695 kB (695000 bytes)
Hash
60577e5a5bd28a985a376c531e57767b
b4cced7f492c8d2fa170380d77206b28ebd14e08
ad112cc9915f91019462c34f8f465e8b1e805887e1c51892d0f0a8598f8fb0ed

HTTP Headers

GET /uploads/slider/slider_201401010127_StartYourCareer.jpg HTTP/1.1
Host: dhs.or.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhs.or.id/new/public/ckfinder/userfiles/files/how-to-hack-roblox-with-dll-injector_GM431946152.pdf
Cookie: ci_session=d16824e11fb9a03ab5840e76f08e394c97dbb4ac

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 09:18:57 GMT
content-type: image/jpeg
last-modified: Tue, 14 Jan 2020 05:32:27 GMT
accept-ranges: bytes
content-length: 695000
date: Mon, 06 Feb 2023 09:18:57 GMT
server: LiteSpeed

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6f51d1339a69144672058890b98c8729
82a41bc760d94fc1a40679ce12ce9f194d5f0e0d
92653a165cbe4ef88ace4c53cedf6db8004f7ba656c2f84f9e94caead68cd3a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1628
Cache-Control: max-age=132296
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:59 GMT
Etag: "63e0216f-1d7"
Expires: Tue, 07 Feb 2023 22:03:55 GMT
Last-Modified: Sun, 05 Feb 2023 21:36:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6f51d1339a69144672058890b98c8729
82a41bc760d94fc1a40679ce12ce9f194d5f0e0d
92653a165cbe4ef88ace4c53cedf6db8004f7ba656c2f84f9e94caead68cd3a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1628
Cache-Control: max-age=132296
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:59 GMT
Etag: "63e0216f-1d7"
Expires: Tue, 07 Feb 2023 22:03:55 GMT
Last-Modified: Sun, 05 Feb 2023 21:36:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

www.instagram.com/denpasarhotelschool

31.13.72.174

301 Moved Permanently

0 B

URL HTTP/2
www.instagram.com/denpasarhotelschool
IP
31.13.72.174:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /denpasarhotelschool HTTP/1.1
Host: www.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dhs.or.id
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://www.instagram.com/denpasarhotelschool/
strict-transport-security: max-age=15552000
content-type: text/html; charset="utf-8"
x-fb-debug: +E5tqawbZKatIRsxtk+Ev05tKfb6FqDwXaVo8RC/ZHUNmA5Xku3hmPtVpW7IGwu2aYTfpMqJeEGoiOeg8TdVOw==
content-length: 0
date: Mon, 06 Feb 2023 09:18:59 GMT
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.instagram.com/denpasarhotelschool

31.13.72.174

301 Moved Permanently

0 B

URL HTTP/2
www.instagram.com/denpasarhotelschool
IP
31.13.72.174:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /denpasarhotelschool HTTP/1.1
Host: www.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://dhs.or.id
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://www.instagram.com/denpasarhotelschool/
strict-transport-security: max-age=15552000
content-type: text/html; charset="utf-8"
x-fb-debug: GKwwaYYN8uwr9h15CceJzou/FrMb1L9Iym4QglZZ14IasUhQ9D9eCxHw3m/gj6FDiR4SfDFtLDec2cz9sVkjzw==
content-length: 0
date: Mon, 06 Feb 2023 09:18:59 GMT
priority: u=3,i
x-fb-trip-id: 1679558926
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6f51d1339a69144672058890b98c8729
82a41bc760d94fc1a40679ce12ce9f194d5f0e0d
92653a165cbe4ef88ace4c53cedf6db8004f7ba656c2f84f9e94caead68cd3a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1628
Cache-Control: max-age=132296
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:18:59 GMT
Etag: "63e0216f-1d7"
Expires: Tue, 07 Feb 2023 22:03:55 GMT
Last-Modified: Sun, 05 Feb 2023 21:36:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

snapwidget.com/js/snapwidget.js

172.67.75.33

200 OK

0 B

URL HTTP/2
snapwidget.com/js/snapwidget.js
IP
172.67.75.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/snapwidget.js HTTP/1.1
Host: snapwidget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:18:53 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
etag: W/"63c698d9-560f"
last-modified: Tue, 17 Jan 2023 12:47:21 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1715122
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7H5trHIGC6iN%2BHkXdkxCM4fo4gHwvFvlJVu5HDZlJCIczShQYuZ1kCTH5uALxLoPd%2BPr%2B7qtdL2zVwQmGJPfFVpqKCHQgrCFo%2FvLmkP86kAUJvYWmMR%2FcduAvOVaNuY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 7952cd0ebb4a0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhs.or.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 09:18:53 GMT
date: Mon, 06 Feb 2023 09:18:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML